The Information Technology Act (IT Act) was passed in the year 2000 and was further amended in the year 2008. The amended act in 2008 focuses on stronger protection of data and providing information security by execution of certified standards against cyber-crimes. IT Act, Rules came in the year 2011. The term cyber-crime is no defined under IT Act, 2000 or in any other Act. Cybercrime is no different from any traditional crime. The offense is widely defined under the Indian Penal Code.
Any offence which is committed with a motive to harm the reputation of any individual or group intentionally by using any electronic device or network shall come under cyber-crime. These crimes are categorised as –
- Unauthorised access (hacking)
- Forgery (involving changes in the data)
- Any manipulation of a computer based system
- Deliberate damage (virus programs)
- Unauthorised programs
Section 43 of the Information Technology Act states that if a person does not have authority over the computer or system. A person who has the authority or has the charge can access the computer or computer system and can also download any information from the place where the data is saved. A person who has power over the computer can also introduce or remove any virus or files from the computer. But if a person who does not have any authority does the same will be punishable as mentioned in Section 66 of the Information Technology Act, 2000.
If access to any computer is given to the wrong person, he might take undue advantage of the same. For example, if access is given to a bank’s database and the entries are changed without any notice. This will impact the bank’s financial statements. This is the reason these offences are to be recognised and be punished. There might be a case that if an important document of a company or firm came into the hands of the wrong person and the information was confidential. This will bring a wrong impact on the firm or the company. This reduces the trust build.
Section 43 also states that no person without authority has a right to cause disruption or denial of access to a person who has authority. The person also does not have a right to delete, make any changes, steal, or alters any information from the computer. He shall be punishable under Section 66. Section 66 of Information Technology, 2000 states that any act performed by a person as stated under Section 43 shall be punishable with imprisonment for one year and may extend to three years or with a fine up to Rs. 5 Lakhs or both. The computer source code shall be maintained as per the law. If any person knowingly or with intention alters or destroys any computer source code or program, he shall be punishable with imprisonment to three years or a fine for Rs. 2 lakhs or both. [Section 65]
Earlier, when a person sends offensive or menacing information from a computer system, he shall be punishable under section 66A. But in the year 2010, the Supreme Court of India had made this section enforceable as this section was unconstitutional and shall affect the freedom of speech and expression under Article 19(1)(a) of a person. Article 19 states that every individual has a right to give an opinion and to seek information or receive information.
If a person receives any important information which was stolen from any computer or communication device, he shall be punishable with imprisonment not exceeding three years or a fine up to Rs. 1 Lakh or both. [Section 66B]. If a person illegally uses a digital or electronic signature, password, or any other unique feature. This will be considered as an offence and shall be punishable under Section 66C – imprisonment up to three years or a fine of Rs. 1 Lakh or both. If a person logins other’s account by using his password without permission, he shall be punished.
When a person cheats his identification or creates a fake account, it shall be punished with an imprisonment of three years or a fine of Rs. 1 lakh or both. [Section 66D]. When a person with or without intention takes photographs or publishes pictures of a person’s private area without any consent. The person shall be punishable with imprisonment up to three years or a fine of Rs. 2 Lakhs or both. [Section 66E]
A person would suffer a lot of embarrassment and will become a person with esteem because of these incidents. A person shall know the rights and act firmly. This would have been done for any wrong purpose, and which should always be bought to notice. These types of small things will bring a big impact on an individual’s life. A person should not stay listening and speak up as soon as possible.
The most sensitive information regarding a person is with banks, insurance companies, hospitals, and even social media. At every level, they try to develop a policy that would keep the information save by one-time-password (OTP) or a verification mail before logging in every time. In the case of banks, it is mandatory to ensure the security of personal information. The information shall be protected by a specific procedure with security standards, for example, ISO 27001. This is a regular requirement. There are two types of information which are collected, personal and non-personal information.
In the era of technology, a person must share details online to create a treat for redeeming the benefits. But a person may start not to share the details if the details or accounts are being misused by someone else. This will lead to fewer people enjoying the benefits offered. The level of trust will be built by the help of improving the law for the same and creating powerful software. Some offenses are still not identified by the authorities. These amendments in the law might bring changes and will reduce the number of offences that take place.
Author’s Name: Kriti Kathuria (Bennett University, Greater Noida)